Protecting Receivers’ Identities in Secure Data Distribution

Motivation & State-of-the-Art Cryptographic tools for securing multicast communications: Broadcast Encryption (BE): transmit data to a dynamically changing set of recipients o Info about receivers is broadcast in the clear Receivers’ identities often sensitive. Secure communication ought to protect more than just transmitted content! Anonymous BE (ABE) [BBW06]: also hides receiver set Current best solution o Ciphertext linear in number of recipients o Security model against static adversary o Security of enhanced construction based on the ROM; [LPQ12] recently removed ROM from [BBW06] Networking technology at support of military operations o ABE enables secure distribution of tactical data in missions with ad-hoc team formation while concealing identities of operatives authorized to access content BE enables efficient encrypted file systems o ABE avoids disclosure of the identities of the authorized users, not only from outsiders, but also from one another Primitives